This invention relates generally to the secure transmission of data. More specifically, the invention relates to a system for establishing a secure exchange of information between a sending unit and a receiving unit.
In the transmission of data between a sender and a receiver, there is a need for a system that allows a secure transaction to take place when the sending unit and the receiving unit have not established a secure channel through which data can be transmitted. It is often difficult for a separate secure channel to exist. Hence, there is a need for a system that permits a secure exchange of information between the sending unit and the receiving unit when such a separate secure channel does not exist.
In one situation, for example, a sending unit will need to send administrative information to the receiving unit. This administrative information may not need to be encrypted. However, it will likely need to be authenticated. Thus, there is a need to ensure that the administrative information that was sent was not corrupted during its transmission through the transmission channel, for example, by an attacker. An attacker wishing to corrupt the transmitted message could stage a “man in the middle” attack on the transmission in order to corrupt the data. Thus, there is a need for a system that prevents such corruption.